The other day I caught this humorous image posted to Reddit, showing a Firefox update dialog popping up over a weather satellite image, live on TV:
I was amused, so I posted it to one of Mozilla’s internal mailing lists – which started a renewed flurry of discussion surrounding the update manager. To start with, a bug was filed on this specific issue: don’t prompt for software update unless firefox is the foreground application. Second, it was pointed out that a particular fix has already landed in Firefox 3, related to this issue: Software update dialog steals focus / wait for idle before prompting. Obviously, that’s a good thing, but only the first step. So in addition to not prompting when the dialog is in the background we now, additionally, have the following bugs which are desired to be resolved:
- to reduce “update fatigue” don’t prompt users at all unless they haven’t restarted in 48 hours
- silent mode for auto update
- by default, don’t prompt users when minor update is downloaded and ready to be installed, just apply on restart
- don’t show restart now or later dialog after automatic background download
- make upgrade process smoother and avoid confusing/modal dialogs
Needless to say, this particular issue, while haphazardly amusing, will no longer be a problem in Firefox 3.
One thing that I find to be particularly interesting about this whole situation: The easier, and less painful, it is for a user to upgrade minor releases of Firefox, the more secure the browser is. (If a fix is released for a security problem and the user opts to not upgrade, they choose to remain vulnerable – which is a very bad thing.) Thus, anything that can be done to improve the quality of upgrading is considered to be a security enhancement. Security through improved user experience! I like it.
Alex Faaborg (December 11, 2007 at 2:58 am)
To take a glass half full look at this little incident, an update dialog is technically better than an adware induced popup pornstorm exposing them to some serious FCC fines.
I’m really happy to see that a silent update process is finally getting traction. Not having to deal with the update dance is one of the things that makes Web apps so much better than desktop apps.
David Naylor (December 11, 2007 at 8:11 am)
Those sound like some good (suggested) improvements to me.
So, if I understand things correctly, Firefox 3 …
– Won’t steal focus to tell you about an update while you’re actively surfing.
– Won’t tell you about an update when in the background/minimized.
– … unless the browser has been running for 48 hours or more. Then Firefox will tell about the update so that it gets applied in a timely fashion.
– But Firefox won’t ever tell you about minor updates – the above rules only apply to .x updats(?)
John Silvestri (December 11, 2007 at 9:29 am)
Updating silently sounds like a really bad idea. I can’t think of a single leading application (barring antivirus) or OS that I use that does this. Every respectable application asks you before installing an update. What if there’s a bug in the update (*cough* 22.214.171.124 *cough*), and you have read information suggesting this online – when the dialog appears to install it, you can opt out of it. If it’s a silent install, your machine will get trashed, and you’ll be pretty stunned to learn that your computer didn’t practice “If it ain’t broke, don’t fix it.” (BTW, from the user’s point of view, it wasn’t broken, even if it’s a security vulnerability.)
Neil Mix (December 11, 2007 at 10:26 am)
Heh, funny, I’d just posted a blog entry about this topic before reading your latest, John. I’m glad to see you’re taking on the problem. I have pretty strong opinions on the matter, FWIW, check out my latest if you think another POV would be helpful.
@John Silvestri: Acting in fear of making a mistake is no way to impress your customer. Websites don’t ask permission before releasing updates, and yet the world moves on and we don’t think twice about it. There’s precedence for updates that aren’t trepidatious and permission-seeking, and it works well.
Justin Carter (December 11, 2007 at 6:26 pm)
I really dislike that the default option in Firefox is to automatically download updates – IMO it should prompt you before downloading.
There are still people who have no choice but to use dialup internet access, or who are unsuspectingly on broadband plans that have amazingly small download quotas and who then get charged excess usage fees (In Australia out “leading” telco charges $29.95 per month for it’s cheapest ADSL plan of 256/64kbps with 200MB of data and excess of 15 cents PER MB thereafter!). If these people use Firefox’s default settings on dialup they get whacked with slow internet for an hour, or on a broadband plan with a small quota they face going over their limit and being changed excess usage fees, all because of omething running in the background that they don’t know about!..
Another use case could be using a 3G mobile phone as a modem on a notebook, where mobile data is typically very expensive. If a silent download kicks in you could blow your quota or be up for excess usage fees. The user really has to be weary of these things, but many (most?) are not.
You could say a similar thing about Windows Update, however you have to choose an update schedule when you first set up Windows, not have it picked for you behind the scenes. Even Apple Updater asks before downloading :)
I’m fine with prompting about updates if the application has focus, but I’m not fine with silent downloads as a default option because it’s a fact there are cases where it can be detrimental to the user.
Updating a web site is somewhat of a different story because it has much less to do with installing something on client PCs or downloading updates which are multiple MB’s at a time. There is less risk at the client end than when you are dealing with desktop software.
Alexander Gyoshev (December 12, 2007 at 5:03 am)
@John Silvestri: And what if the old version has plenty of bugs but the user is unaware of the update for years? (think of it, what is the share of M$ IE6 when IE7 has arrived). In most user’s eyes, when versioning software, newer means better, btw.
@John Resig: Jeff Atwood has a great article on the subject, just for reference.
Guy Fraser (December 12, 2007 at 5:47 am)
@Justin: Good point about 3G modems – while my contract gives me plenty of transfer quota at home, when I go to another country I suddenly get charged Â£7 GBP **per MB** (a 1000 times increase based on the tarrif at home). There should be an option to turn off auto-update, but it should be on by default.
Ideally the user should be prompted the first time “An update is available, do you want to download it?” with an option to choose whether updates should be installed automatically or manually. Only when set to “automatic” should the actual update be downloaded – if “manual” then very obvious indication should be given to the user in the browser UI, preferably something annoying to really make them want to update.
It’s still extremely important that people install updates – for example: a customer rang us a few weeks ago asking us to do some work for them but mentioned that they were still using IE5.5 (because “it wasn’t broken for them so they don’t need to update) so we simply had to laugh at them and put the phone down.
If they were using IE 6 we might consider the project (only if we had no other work on) but generally only work on IE7 / FF projects these days as there’s simply no point wasting time dealing with broken browsers and the antiquated companies that use them. We don’t want to end up in the same situation with Firefox projects in a few years time.
John Silvestri (December 13, 2007 at 8:18 pm)
@Neil Mix: Websites vs. software is apples & oranges. So long as the change you make to your content/web app doesn’t corrupt online data, the customer is happy. Also, the customer is held captive to your wishes – they have *no* choice in the matter. (They will scream if the change causes issues, though.)
@Alexander Gyoshev: I’m not in any way opposed to updates, or good notifications about updates existing. Heck, I think the current Firefox update system is pretty good – except perhaps for the annoying modal dialog about installing upon restart (which appears to be addressed). I *am* opposed to flat out installing an update without the user’s consent…or at least without asking once! (i.e. the first time you install updates, have a check box “Install updates automatically in the future.”) Windows Updates can be set to automatically install at a given time, in which case consent is not given each time, but a conscious decision was made to approve it. Almost every major application that has an update component typically notifies the user of the update and offers to install it – it is up to the user to approve this action.
soryu (December 15, 2007 at 7:40 pm)
Reminds me of Flash crashing on a huge display in Times Square. Priceless (link to my picture on flickr)
Live on TV is even worse.
Joe (February 18, 2008 at 10:34 am)
First, the trend in the last few years has been toward software that automatically updates itself. Now each desktop has a number of programs running a scheduler, and each attempting to download and install updates, often without user permission.
Downloading and installing ANYTHING without user permission is one of the criteria for malware! That has recently gotten RealPlayer into trouble. Software publishers, including open source, need to take a step back and reconsider the situation. For example, do we really need a dozen schedulers and a dozen downloaders on our workstations? Why not just feed updates throuh Microsoft Update?
I know that’s a radical idea, and I know Firefox runs on non-Windows platforms, but you get the idea. I would bet 90% of Firefox users are running Windows. Gear it to the OS. Provide direct downloads for Linux, and WU/MU (including WUS, etc.) for Windows. Or provide a choice of direct downloads or WU/MU for Windows users. Also, by going through WU/MU, you get around the whole issue of user permission.
My other real concern is that the whole issue of automatic updates is based on the false assumption that users have admin rights. More and more, users are learning to run with limited rights for their own safety. More and more organizations are restricting user rights – none of my users have admin rights.
If Firefox is going to succeed in the enterprise, it needs to be designed in such a way that the network manager can perform silent installs and efficient updates, without having to visit every desktop.
My research on this topic has turned up some old articles in which the -ms parameter was used for a silent install, but there does not appear to be any current documentation on this topic, or on the topic of managing updates.
The Firefox developer community cannot afford to lose their souls and integrity over issues like unauthorized installs!
Great software. Please keep up the good work.
Univesity of South Carolina